package com.ruoyi.system.coretools;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.system.domain.TUserInfo;
import com.ruoyi.system.domain.dto.TUserInfoDto;
import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.ITUserInfoService;
import com.ruoyi.system.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.security.auth.login.LoginException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.Objects;

/**
 * google登录工具类
 */
@Component
public class GoogleAuthTools {
    private static final Logger log = LoggerFactory.getLogger(GoogleAuthTools.class);
    public static String client_id;

    public GoogleAuthTools() {
        ISysConfigService configService = SpringUtils.getBean(ISysConfigService.class);
        this.client_id = configService.selectConfigByKey("google.auth.client_id");

    }

    public String googleVerify(String idTokenString) throws Exception {
        //获取客户端先通过sdk到google官方获取idTokenString,idtokenStringJacksonFactory.getDefaultInstance();
        GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), com.google.api.client.googleapis.util.Utils.getDefaultJsonFactory())
                //测试用，后面换配置 909240184236-6atkjikeupgjantsafeti9u3pbh9u6gh.apps.googleusercontent.com
                .setAudience(Collections.singletonList(client_id))//CLIENT_ID
                //.setAudience(Arrays.asList(CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3))
                .build();
        //递交过来后构建应用并校验这个idTokenString
        GoogleIdToken idToken = verifier.verify(idTokenString);
        if (idToken != null) {
            Payload payload = idToken.getPayload();
            log.info("payload:{}", payload);
            String userId = payload.getSubject();
            log.info("获取到google User ID: {}", userId);
            String email = payload.getEmail();
            boolean emailVerified = Boolean.valueOf(payload.getEmailVerified());
            /*String name = (String) payload.get("name");
            String pictureUrl = (String) payload.get("picture");
            String locale = (String) payload.get("locale");
            String familyName = (String) payload.get("family_name");
            String givenName = (String) payload.get("given_name");*/

            if (emailVerified == false) {
                throw new LoginException("email verified fail");
            }
            return email;

        } else {
            log.info("Invalid ID token:{}", idTokenString);
            throw new LoginException("google login verify error");
        }
    }
}
